Medical technology company LivaNova has disclosed a recent cybersecurity incident involving its U.S. subsidiary, LivaNova USA, Inc., impacting its patients. 

"LivaNova encourages affected patients in the U.S. to remain vigilant for fraud and identity theft incidents by reviewing their account statements and monitoring their free credit reports, and to remain alert for unsolicited communications involving personal information," the company said in a press release.

Cyberattack Compromises LivaNova's Patient Data

The incident was initially identified on November 19, 2023, and it prompted the company to initiate an investigation with external cybersecurity experts and law enforcement support.

The company's information technology systems disruption led LivaNova to take specific systems offline and commence remedial action promptly.

Through their investigation, they determined that unauthorized access by a third party occurred around October 26, 2023.

The breach resulted in the unauthorized acquisition of identifiable personal information of U.S. patients, with the nature and extent of the compromised data varying among individuals. 

Affected information included names, contact details (such as phone numbers, email addresses, and postal addresses), Social Security numbers, dates of birth, medical specifics (including treatment details, diagnoses, prescriptions, physicians, medical record numbers, and device serial numbers), and health insurance details, according to LivaNova.

Following the discovery,  the company promptly informed affected U.S. patients and published a notice on its website on April 25, 2024, to ensure transparency and provide necessary information to those affected. 

The company claims that it is is currently reaching out to impacted individuals for whom they have contact details, offering complimentary identity protection and credit monitoring services to mitigate potential fraud or identity theft risks.

In response to this incident, LivaNova advises affected U.S. patients to remain vigilant by regularly monitoring their account statements, reviewing free credit reports, and being cautious of any unsolicited communications that may include personal information.

For further inquiries or information, the company said that affected individuals can contact its toll-free number at (833) 931-5100 during business hours, Monday through Friday, 8 a.m. to 8 p.m. CT, and reference engagement number B121304 when calling.

Read Also: Frontier Communications Suffers Cyber Breach by Unknown Cybercrime Group  

Cyberattack on UnitedHealth Leads to 'Substantial' Amount of Stolen Health Data 

In related news, UnitedHealth has confirmed that many Americans had their health data compromised following a ransomware attack on its subsidiary, Change Healthcare, earlier this year.

Based on its preliminary targeted data analysis, the health insurance company has identified files containing personally identifiable information (PII) or protected health information (PHI) that could potentially impact a significant portion of the US population.

However, the company has not yet found any evidence that comprehensive medical histories or doctor's records were exposed in the breach.

UnitedHealth anticipates that it will take several months of ongoing investigation due to the complexity and scope of the data analysis before enough information is gathered to identify and notify affected customers. 

Read more about this story here.

Related Article: Apple Store Online Third-Party Pick-Up Scam, Exposed by Cybersecurity Professionals